SSO OneLogin
This article describes how to integrate OneLogin with Umbrella.
How To Integrate OneLogin
- Access your OneLogin developer account.
- On the Administration page, go to Applications > Add App.
- Find the AWS Cognito.
- Set Umbrella (SAML) under the Display name (or any other name).
- Add an icon and description (optional).
- Click Save.
- Go to Applications > Umbrella (SAML) > Configuration and enter the following:
- In SAML Audience, set:
urn:amazon:cognito:sp:us-east-1\_Uv6ArNdSK - In ACS (Consumer) URL, set the same:
https\://mypileus.auth.us-east-1.amazoncognito.com/saml2/idpresponse - In ACS (Consumer) URL Validator, set:
https\://mypileus.auth.us-east-1.amazoncognito.com/saml2/idpresponse - In the Single Logout URL, set:
https\://mypileus.io/log\_out
- In SAML Audience, set:
- Click Save.
- Go to Applications > Umbrella (SAML) > Users.
- Add the relevant users.
- Forward to Umbrella support the following to complete the configuration on Umbrella's side ([email protected]):
- Issuer URL (go to Applications > Umbrella (SAML) > SSO > Issuer URL)
- A list of all email domains
- After Umbrella completes the integration, we will provide you the URL value, please enter it in OneLogin at:
- Go to Applications > Umbrella (SAML) > Configuration
- at the Login URL set the URL you received from Umbrella.
As part of the SSO integration, follow the steps below to add users and management roles from the IDP (identity provider):
- Navigate to the Applications > Umbrella (SAML) > Parameters.
- Click on "+" icon.
- Define the New field as follows and click on Save:
- Navigate to the Applications > Umbrella (SAML) > Rules.
- Click on Add Rule.
- Define the condition based on your roles.
- Under the Actions section, define the following:
you can find the role ID of a specific role on the Accounts > Roles & Users page.
Updated 10 days ago